Chinese hackers get access to 4.5M patient information

For a lot of people, their health problems are not something they want the entire world to know about. Your body is the one thing that is yours, and only yours, and its just nobody else's businesses. But that may no longer be the case. Just in case you wanted to feel even less secure about your privacy and security, not only are your credit cards and online passwords vulnerable to hackers, it turns out that even your medical records are potentially fair game as well. Oh, goody!

Community Health Systems, one of the largest providers of general hospital healthcare services in the United States, has been hacked by an “Advanced Persistent Threat” group originating from China, it was revealed in a filing with the Securities and Exchange Commission on Monday.

The company says that the group "was able to bypass the Company’s security measures and successfully copy and transfer certain data outside the Company," and that, since first learning about the hacking, which is believed to have occurred in April and June of this year, it "has worked closely with federal law enforcement authorities in connection with their investigation and possible prosecution of those determined to be responsible for this attack."

Community Health Systems has also been working with U.S. security firm Mandiant, which is advising the company on "remediation efforts."

In case you were nervous about someone in China finding out some embarrassing secrets you've been carrying around, though, fear not; the hackers did not access any patient credit card, medical or clinical information. The information that they did gather, though, is, I believe, far worse: it includes patient names, addresses, birth dates, telephone numbers and social security numbers. In all, roughly 4.5 million patients who had been referred to Community Health Systems in the last five years were said to be affected.

Despite the bad publicity that will inevitable come from this incident, Community Health Systems says it "does not believe this incident will have a material adverse effect on its business or financial results." And perhaps that is true: the company's stock is currently up 0.76%, or 39 cents, to $51.39 a share.

Founded in 1985, the Franklin, Tennessee-base Community Health Systems is a Fortune 500 company that operates 206 hospitals in 29 states.

Chinese hackings

The fact that the hacking of Community Health Systems came from a group based out of China is significant, as the U.S. Department of Justice leveled charges against China for cyber espionage back in May, marking the first time the U.S. ever leveled criminal charges against a foreign government for economic cyber spying.

Last year, U.S. security firm Mandiant traced over 140 cyber attacks on U.S. and foreign businesses and organizations to a specific unit in China’s army known widely as the “Comment Crew” or the “Shanghai Group.” An assessment by the National Intelligence Estimate identified a pretty extensive range of sectors that have been impacted by China’s spying, including finance, IT, aerospace, automotive, and energy, among others. Some of the companies that have been hacked include Google—obviously—as well as drone manufacturers and the makers of nuclear weapons parts.